• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

Mobile ID World

Mobile ID World

Identification Revolution

  • Mobile ID
    • What Is Mobile ID?
    • Identity Associations
    • Premier Partners
    • FAQ
  • News
  • Solutions
    • Behavioral
    • Facial Recognition
    • Fingerprint Biometrics
    • Iris Biometrics
    • Second Factor
    • Smart Cards
    • Smartphones
    • Vital
    • Voice
    • Wearable Tech
    • Other
  • Applications
    • Access Control
    • Cloud Technology
    • Commerce
    • Enterprise
    • Healthcare
    • Identification
    • Internet of Things
    • Law Enforcement
    • Strong Online Authentication
  • Exclusive
    • Interviews
    • Featured Articles
    • Podcasts
  • Companies
  • Events

Meta’s Anonymous Credential Service Enables Privacy-protecting Authentication

April 18, 2022

Meta is trying to come up with new ways to process large amounts of data while still protecting the privacy of people on its platforms. To that end, the company has started using a new Anonymous Credential Service (ACS) that is the result of collaboration between academia and the private sector.

Meta's Anonymous Credential Service Enables Privacy-protecting Authentication

In practice, the ACS is essentially an authentication service that can verify someone’s identity without needing to know any personal details. The solution relies on the exchange of tokens that can be used as secure authentication factors even after identifying information has been obscured. The two-phase authentication process begins when an end user sends a token request to a server through a secure channel. The user picks a ‘blinding factor’ to encode the token, and the server signs the token and sends it back to the user.

The second phase is the actual authentication, in which the user unblinds the signed token and sends it (instead of a user ID) for approval through an anonymous channel. The ACS uses a shared secret to confirm that the token is legitimate, and that the request is coming from an authentic source. The token generation process and the authentication process are completely separate to ensure that the data being processed has been distanced from the person that it belongs to.

According to Meta, the new solution is useful because it minimizes the computational burden on its servers. In that regard, the ACS is able to proactively de-identify data before it hits Meta’s servers, and requires less resources than the tech giant’s old system that de-identified and aggregated data after it had already been processed.

Meta also allows people to reuse tokens a set number of times before creating a new one to further reduce the strain on its data centers. However, the company requires a new token each time a user is authenticated for certain high-risk transactions. The ACS has now been deployed across several high-volume Meta applications, including WhatsApp, where it allows Meta to gather performance data that can be used to improve the app without collecting personal information from individual users.

ACS is built on top of a Twine foundation with C++ code. Meta itself has struggled with privacy in the past, most notably with the Cambridge Analytica scandal and its BIPA lawsuit in Illinois. In the former, the FTC fined Meta (then Facebook) $5 billion for sharing personal information with third parties without consent, while in the latter, the company paid $650 million to settle a suit that alleged that the company illegally gathered and stored biometric data from its users.

With that in mind, the ACS could give Meta a way to process data while mitigating its legal exposure in the wake of those high-profile (and expensive cases). The company has already decided to discontinue its facial recognition program in the wake of the BIPA settlement.

Filed Under: Carousel, Featured, Industry News Tagged With: anonymity, Anonymous Credential Service, authentication, cryptography, Facebook, Meta, Meta ACS, Meta Anonymous Credential Service, privacy, privacy protections, WhatsApp

Related News & Articles

WHOOP Biometric Wristband Excites Investors in $100M Series E

Canadian Bank Turns to Yoti for Selfie Onboarding

Google to Take Aim at iPhone with New Pixel Smartphones

Primary Sidebar

Register For the Next Virtual Identity Summit

Travel & Hospitality Biometrics Online Summit
Register now!

Tweets

Sponsored Links

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi's product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Recent Posts

  • AU10TIX Provides Selfie Onboarding for Israeli Digital Bank
  • ‘Meta Pay’ Plans Hint at Digital ID Applications
  • Google Switches to New In-display Fingerprint Sensor for Upcoming Pixel 6a
  • Meta Deactivates Instagram Filters for Users in Texas and Illinois
  • Selfie Onboarding Specialist Names New CFO

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2022 MobileIDWorld